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Quantum key distribution (QKD) has initially been 
proven secure using ideal devices. However, implementa- 
tions use imperfect devices available with current technol- 
ogy. Therefore, there are security proofs for QKD which 
model the devices to allow these imperfection, though 
at the expense of a lower secure key rate. To achieve 
provable security, it is crucial that the devices and im- 
plementations are verified to be within the models in the 
security proofs. 

Security loopholes have been found originating from 
discrepancies between the actual implementations and 
the models in the security proofs. For instance, one such 
discrepancy allows the tailored bright illumination at- 
tacks 1-3], recently shown also to be applicable against 
superconducting single-photon detectors [U, H|. In this 
case the loophole is caused by the response of qubit mea- 
surement devices (detectors) to swarms of qubits (bright 
illumination). The question is how to counter such loop- 
holes. 

In their paper, Yuan et al. propose to counter these 
bright illumination attacks by monitoring the avalanche 
photodiode (APD) current for "anomalously high values" 
[6j. The robustness of this countermeasure is shown by 
arguing that previously proposed attacks do not work 
anymore. First of all, this leaves the challenge of deter- 
mining what is "anomalously high". In order to achieve 
provable security, this threshold must originate from a 
security proof. Secondly, the fundamental issue, namely 
that the detector response deviates from the models in 
the security proofs [7j, is not solved by this countermea- 
sure. 

As discussed previously d, practical QKD can- 
not become provably secure by intuitive countermeasures 



against known attacks. This approach also requires man- 
ufacturers to make frequent, possibly costly upgrades to 
their systems. Loopholes should instead be countered by 
modifying the implementation and/or the security proofs 
such that the devices are within the models of the security 
proofs. This is the only way practical QKD can obtain 
the provable security that makes it superior to classi- 
cal key distribution schemes. This is also how loopholes 
have been handled previously: for example, the photon- 
number splitting attack [lOj led to more general secu- 
rity proofs |ll| and eventually more efficient protocols 
to negate the decrease in the key rate 11211 . In another 
example, detector efficiency mismatch [Ijj, enabling for 
instance the time-shift attack [3, [H| , is now included in 
security proofs [ljl • For the bright illumination at- 
tacks, we have proposed a secure detection scheme which 
integrates with security proofs 18]. In this scheme, a 
calibrated light source is used to verify the quantum ef- 
ficiency in the center of the detector gate. Randomizing 
detection events outside the center of the gate provides 
a lower bound on the fraction of detections in the center 
of the gate. 

In this particular case, we have already shown that 
an eavesdropper using temporally tailored light of short 
pulses containing less than 120 photons can threaten the 
security of QKD [4|. This faint after-gate attack would 
not be detectable with the countermeasure proposed by 
Yuan et al., since the pulses would not cause an "anoma- 
lously high" current, but rather a current similar to the 
current caused by a single photon. Therefore, this serves 
as an example of the risk associated with closing loop- 
holes in an intuitive way. 
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